Storage routers allow access to logical units via a mapping mechanism. Under this technique, the client's identification is used to determine whether access to a particular logical unit may be granted. This mapping scheme is implemented for each command from a particular client. The mapping technique is required since a single target was provided to a client logging into the system. The target housed zero or more logical units that the client was allowed access to. As the login permitted access to the storage appliance but did not control access to the logical units, the mapping technique was implemented.
Access control using mapping techniques requires the storage appliance to have knowledge of the identity of all clients. As the number of logical units and clients increases, the mapping becomes more complex and less efficient, especially when applied on a per command basis.
As a result, there is a need to solve the problems of the prior art to provide for a more efficient access control technique for a storage appliance.